Does changing your binary storage will cost you some (too much) money ?

Do you have conflicts between your IDE and your build process ?

Bad Execution time

Does your tests run time is too long ?

Does the build take too much time ?

Does your build time take time because you need to package for several environment ?

Does your build time is linked to the number of environment you deploy on ?

Does your build time is linked to the number of language of your application ?

Does your application used several programming languages, and you don’t know how to link them ?

Bad Dependencies management

For some libraries included, do you have no clue where they come from ?

Do you have a library , you don’t know the version ?

Does your configuration files are included in your libraries ?

Does some dependencies among your modules are out of control ?

Is there any transitives dependencies you don’t know ?

Do you need to change your setup generation, each time you change a dependencies ?

Not Helpful

Does your code contains some bugs ?

Do you have a developer not using the same coding practices than the rest of the team ?

Do you have a developer not using the same coding standard than the rest of the team ?

Do you have a developer frightening of doing refactoring ?

Do you have a developer who don’t know (don’t have a vision of) the quality of the code he work on ?

If you answered yes, to one of this question, you have a problem like Mister build. In the next posts we’ll see how a simple and automated build process, following less coupling rules, coupled with a continuous integration framework can help you.

As mister build answered yes to some of the questions … he will stay as a pedestrian for some more days …

Why not keeping the principle of less coupling to build/CI/static code analysis tools ????

Doing dcode is important, but application design should not be forget.

2) the second point, is some comments : it’s expensive to fix issues …

How can someone justify that fixing an issues at developing time … 5 .. 10 minutes … is more expensive that discovering the issue in production (something like 1$ a minute ? ) , requiring some dev again, some QA, some deployment …..

Of course, the bug may never be seen in production …. for how long ? Don’t forget the Murphy law : if you can have a problem, you’ll have it !

Rate this:

I love Static Code Analysis tools (SCA) because they are easy to use, easy to run, and most of the time very valuable.

You have of course, a learning step to know each families of tools (syntax checker, tools ensuring rules compliance, tools finding bugs,..) and to know which one to use and when to use it. But, as soon as you have this knowledge, you are very efficient and you can use them for example, during code review (even on large project) to have a good idea of the issues (it’s not easy to discover manually) or the origin of a problem. For example, you may have scalability issues on a project, but the root cause may be fully different from one project to an other one,…, the tools will help you to spot the origin.

So, I’m currently playing with several ‘bug finder’ tools, some commercial one, and some open source ones, on languages like Java/C/C++/C#,…The results ‘after some analysis’ give a good overview of a Project Quality.

So, like I am currently trying to explain to a friend of mine how to do Continuous Integration on top of Mysql (patches, plugin, specific hook, …) , I’m trying to plug some of these tools inside is Mysql CI line.

And … surprise …. more than 2000 potential bugs in Mysql Source code.

Lot of errors are due to memory handling, synchronization lock, ‘some’ function return null, and the result of the call is used without any tests, some errors with static/non static field, ….., …..

That’s impressive …. there was a lot of time I’ve not seen so many errors per line of code. Also, the errors are very heterogeneous in the code … (side effect of open source ? )

In the following table I give some metrics :Module Name Number of errors

client code

134

cmd-line-utils

80

core

1034

example

6

libmysql

211

mysys

61

server-tools

34

storage/archive

38

storage/blackhole

1

storage/csv

9

storage/federated

5

storage/heap

8

storage/innobase

262

storage/myisam

147

storage/ndb

785

system

0

For the experience I have, I can say than 85% of the time there is a real bugs when the tool launched raise a warning.
Sometime, it took time to discover but, it was right 🙂

Some examples extracted from Myisam storage engine :

* storage/myisam/mi_check.c

Return code not check : everywhere the return code is checked, and an error is raised … my checker assume the return code is critical. So why at this line … no check ???

Rate this:

My current hobby is to find efficient / easy to use / and well package tools to analyse code.

For those of you who don’t know these technics, I’ll summarize them as : ‘tools which analyse your source code, in order to help you to find potentiel bugs, or it try to convince you to change your way of programming and may give you some new programming hits, ….,’.

If your build process is clean, or if you use a standard IDE, adding these tools is very cheap, and the benefice is great.